CVE-2013-1830 (fedora, moodle)

CVE-2013-1830 (fedora, moodle)

user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote attackers to obtain sensitive course-profile information by leveraging the guest role, as demonstrated by a Google search.

Source: CVE-2013-1830 (fedora, moodle)

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다